Mac Security: Java for OS X, Flash, Evernote Updates [u]

5 March 20131,397 views2 Comments

Have a Mac running OS X Lion v10.7 or later with Java installed? Then you need to fire up the Mac App Store (a.k.a. Software Update) and get this Java for OS X Update. And, wow, what a weekend for Mac security! Evernote and Flash hacks made the rounds, meaning even more security-centric updates for the rest of us.

And, there’s this bit of boilerplate Apple’s been including with recent Java for Mac updates:

On systems that have not already installed Java for OS X 2012-006, this update disables the Java SE 6 applet plug-in. To use applets on a web page, click on the region labeled “Missing plug-in” to download the latest version of the Java applet plug-in from Oracle.

Apple has posted detailed update notes, but the details are exactly the same as those provided above — thanks for that. Likewise, the mothership hasn’t yet listed the security content of the Java for OS X 2013-002 Update — we’re welcome, we’re sure.

Needless to say, Java users need to apply both the Apple and Oracle’s patches.

An Eventful Weekend

Just in case you missed the Mac Security fun this weekend, Apple pushed a Xprotect update that blocked older versions of Adode Flash due to the appearance of an active, in-the-wild exploit. Get the latest Flash update, which addresses the vuln.

Like a long list of other A-list internet companies of late, Evernote got hacked and dutifully announced the same to its 50 million users. The company says no sensitive info was compromised.

[u] In a statement provided to InformationWeek, Evernote spokeswoman Ronda Scott said, “We were already planning to roll out optional two-factor authentication to all of our users later this year. We are accelerating those plans now.”

Hopefully, that will be benefit than trouble whence it arrives — no mention from Evernote on the timing yet…